[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Making a WAP


Actually, what you are trying to achieve is not possible without IOMMU, as a vif is just a bridged virtual interface.  Your DomU needs direct access to the physical card, using PCI Passthrough.  For this both your CPU and Motherboard must be IOMMU Compatible (VT-d for Intel, AMD-Vi for AMD).

I have a similar configuration at home involving a PFSense router, debian web server and multimedia virtual machine.  To save you some time, you probably won't achieve Wireless N, this is because most routing packages do not yet support it.  As of March there were only a handful of drivers, and the related chips were only featured in laptop wireless cards.

So you are facing two problems:

A.  Do you have IOMMU Compliant Hardware?

B.  Is Wireless G Okay?

Based on these machines:

murder (dom0)
libel (domu web server)
fraud (domu router)
incest (file server domu?)

These solutions are based on two assumptions:

A.  That fraud is to provide iinternet access for the connection machines.
B.  That libel and fraud will be using a routing device, but libel needs a static IP.

If not A then omit the WAN interface for fraud from the proposed solutions.
If not B then add one extra interface for a separated WAN for libel.

My proposed solution:

Using two physical NIC's you would bridge them using murder's interfaces file.  You can tell murder to ignore these bridges so it remains a hermit and doesn't grab an IP.

The bridges could be WAN and LAN.  WAN can be passed to fraud and libel.  Assign a static IP in libel's interfaces file.  Let fraud receive a dynamic IP from WAN.  Connect the LAN bridge to fraud and to incest, and have the physical NIC connect to a Wireless N router.

Configure the Wireless N router to use bridged mode, and install a routing package in fraud, because interfaces probably won't do everything you need it to for intranet management.

Your Ideal Solution:

To achieve exactly what you want, you need IOMMU to let murder remain a hermit.

You will need at least one physical known compatible wireless G device and a routing package selected for fraud.

You will need one physical NIC for libel, another physical NIC for fraud.

You can pass one physical NIC to libel and assign a static IP using libel's interfaces file.

You can pass a physical NIC to fraud for WAN and let it pull a dynamic IP from another routing device.  You can also pass the physical wireless G card to fraud, and install the selected routing package to setup your WAP.

For incest you can use another Wireless NIC to connect to fraud wirelessly, or you will need two more physical NIC's for fraud and for incest and a cable to connect the two.

I hope this helps get you started.


On Tue, Jun 19, 2012 at 12:36 PM, Alexandre Kouznetsov <alk@xxxxxxxxxx> wrote:

El 19/06/12 10:06, Adrian May escribió:

But I can't see how I'm supposed to get the wireless NIC into xen at

I believe Xen does not supports that low level interaction between a DomU and the hardware with some standard wrapper, like with wired Ethernet interface.

Check if your Motherboard supports IOMMU. Probably your best shot would be passthrugh the whole WiFi card into Fraud. That is hopefully low level enough.


Alexandre Kouznetsov

Xen-users mailing list

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.